<?php
$autoload='external';
//delete page
function page_delete() {
	global $conf;

	SQLvalidate($_GET['page']);

	$db = new dbquery;

	$db->query("SELECT * FROM $conf[prefix]pages WHERE id = $_GET[page]") or $db->err(__FILE__, __LINE__);

	$d = $db->fetch_object();

	$t = "title_$_SESSION[lang_short]";

	$title = stripslashes($d->$t);

	$id_ = $d->id;
	$cat = $d->cat;

	if(!perms_check('pages', 'del') and $_SESSION['id'] != $d->id) {
		plugins('std/unauth/');
		redirect('index.php?module=error&error=auth_error');
		exit;
	}
	else {
		$db->query("DELETE FROM $conf[prefix]pages WHERE id = $_GET[page]") or $db->err(__FILE__, __LINE__);

		//odejmowanie ilosci stron do kategorii
		if($cat != 0) {
			$i = $cat;
			do {
				$db->query("UPDATE $conf[prefix]categories SET pages=pages-1 WHERE id = $i") or $db->err(__FILE__, __LINE__);
				$db->query("SELECT * FROM $conf[prefix]categories WHERE id = $i") or $db->err(__FILE__, __LINE__);

				$d = $db->fetch_object();
				$i = $d->parent;
			}
			while($i != 0);
		}
		//

		//add log
		
		//
	}

	redirect('index.php?module=admin&action=pages');
	exit;
}
//

//editing page
function page_edit() {
	global $conf;

	SQLvalidate($_POST['id'], 'int', 8);
	SQLvalidate($_POST['author'], 'int', 8);
	SQLvalidate($_POST['category'], 'int', 8);
	SQLvalidate($_POST['date'], 'datetime');

	$db = new dbquery;

	$db->query("SELECT * FROM $conf[prefix]pages WHERE id=$_POST[id]") or $db->err(__FILE__, __LINE__);

	$d = $db->fetch_object();

	if(!perms_check('pages', 'edit') and $_SESSION['id'] != $d->author) {
		plugins('std/unauth/');
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	$languages = get_lang_list();
	foreach($languages as $l) {
		$_POST["text_$l"]=post_text($_POST["text_$l"]);
		SQLvalidate($_POST["text_$l"], 'text');
		SQLvalidate($_POST["title_$l"], 'varchar');
	}

	if($_POST['visible'] == '')
	$visible = 0;
	else
	$visible = 1;

	$query = "UPDATE $conf[prefix]pages SET ";

	foreach($languages as $l)
	$query .= "title_$l = '".$_POST["title_$l"]."', text_$l = '".$_POST["text_$l"]."', ";

	$query .= "author=$_POST[author], cat=$_POST[category], visible=$visible, date='$_POST[date]' WHERE id=$_POST[id]";

	$db->query($query) or $db->err(__FILE__, __LINE__);

	//categories
	if($_POST['old_cat'] != $_POST['category']) {
		if($_POST['old_cat'] != 0) {
			$i = $_POST['old_cat'];
			do {
				$db->query("UPDATE $conf[prefix]categories SET pages=pages-1 WHERE id = $i") or $db->err(__FILE__, __LINE__);
				$db->query("SELECT * FROM $conf[prefix]categories WHERE id = $i") or $db->err(__FILE__, __LINE__);

				$d = $db->fetch_object();
				$i = $d->parent;
			} while($i != 0);
		}
		if($_POST['category'] != 0) {
			$i = $_POST['category'];
			do {
				$db->query("UPDATE $conf[prefix]categories SET pages=pages+1 WHERE id = $i") or $db->err(__FILE__, __LINE__);
				$db->query("SELECT * FROM $conf[prefix]categories WHERE id = $i") or $db->err(__FILE__, __LINE__);

				$d = $db->fetch_object();
				$i = $d->parent;
			} while($i != 0);
		}
	}

	//add log
	
	//

	redirect($_SESSION['redirect_2']);
	exit;
}
//

//add article
function page_add() {
	global $conf;

	SQLvalidate($_POST['author'], 'int', 8);
	SQLvalidate($_POST['category'], 'int', 8);
	SQLvalidate($_POST['date'], 'datetime');

	if($_SESSION['logged_in'] != '1' or !perms_check('pages', 'add')) {
		plugins('std/unauth/');
		redirect('index.php?module=error&error=auth_error');
		exit();
	}

	$languages = get_lang_list();
	foreach($languages as $l) {
		$_POST["text_$l"]=post_text($_POST["text_$l"]);
		SQLvalidate($_POST["text_$l"], 'text');
		SQLvalidate($_POST["title_$l"], 'varchar');
	}

	$db = new dbquery;

	if(!perms_check('pages', 'edit') || ($_POST['visible'] == '')) {
		$visible = 0;
		$author = $_SESSION['id'];
	}
	else {
		$visible = 1;
		$author = $_POST['author'];
	}

	$query = "INSERT INTO $conf[prefix]pages VALUES('', '$_POST[date]', $author, $_POST[category], $visible";

	foreach($languages as $l)
	$query .= ", '".$_POST["title_$l"]."', '".$_POST["text_$l"]."'";

	$query .= ")";

	$db->query($query) or $db->err(__FILE__, __LINE__);

	if($_POST['category'] != 0) {
		$i = $_POST['category'];
		do {
			$db->query("UPDATE $conf[prefix]categories SET pages=pages+1 WHERE id = $i") or $db->err(__FILE__, __LINE__);
			$db->query("SELECT * FROM $conf[prefix]categories WHERE id = $i") or $db->err(__FILE__, __LINE__);

			$d = $db->fetch_object();
			$i = $d->parent;
		}
		while($i != 0);
	}

	//add log
	
	//

	redirect('index.php?module=admin&action=pages');
	exit;
}
//

?>
